I was able to set up my Facebook and Twitter Login using Omniauth http://railscasts.com/episodes/241-simple-omniauth my Rails app. My login works perfectly on my computer (I tested both on production and development) and I did not detect a problem until someone e-mailed me this problem when he tried to sign in with Facebook:

The change you wanted was rejected.
Maybe you tried to change something you didn't have access to.

It turns out that no one else can sign in or create an account through FB or Twitter besides me on my development computer.

From other solutions, I removed protect_from_forgery and added skip_before_filter :verify_authenticity_token to my application_controller.rb, but I'm still getting that same problem.

Sounds like you're having the same issue as this.
–
kaptronJun 29 '12 at 0:11

@kaptron Yes, I saw that solution and followed it. It didn't do anything for me.
–
HuyJun 29 '12 at 0:54

1

Found my problem. It was a simple name validation that was throwing that error.
–
HuyJul 3 '12 at 2:24

^ That totally was my problem as well. Everyone should make sure that they check their production logs / heroku logs to see if it really is an Omniauth problem. The problem is also that the 422 isn't noticeably a 422 until you look at the validation errors in the logs.
–
VivekSep 19 '12 at 4:15